OWASP TOP 10 Hands-On Training with Hacking-Lab


Ivan Bütler, E1 Compass Security AG [email protected]

Goal of this Session

Find out if *YOU* feel like using Hacking-Lab as a free OWASP TOP 10 training platform

Bloom's Taxonomy

Historically, discussions about student learning have been guided by a taxonomy of learning that has come to be known as Bloom's taxonomy.

Hacking-Lab Goal: *Reach the Apply Level*

© Compass Security AG

www.csnc.ch

Slide 3

Hacking-Lab Components

Hacking-Lab Architecture

(Architecture diagram; labels: PUBLIC, LiveCD, www.hacking-lab.com, OpenVPN, *VULN APP*)

STEP 1: Vulnerable Services

Hacking-Lab provides free *vulnerable* services.

(Diagram; labels: OpenVPN, *VULN APP*)

Screenshots of the *VULN APPS*

Details of the *VULN APPS*

Glocken Shop (Cow-Bell Shop == MADE IN SWITZERLAND)
- Includes all TOP 10 vulnerabilities
- Core of the Web Hacking Challenges
- Java based (Apache, Tomcat, MySQL)

ASProxy
- IIS Webserver + ViewState vulnerabilities

Glocken Franz
- Second Order Injection Host
- SOAP Interfaces (WSDL Security Challenges)

MySpace
- Used for XSS worm development

Oracle Suite
- Advanced Oracle SQL Injection Attacks (Alexander Kornbrust)

Supported Web Hacking Cases
- SQL Injection (simple, blind, advanced)
- XSS (stored, reflected, worm development)
- XSRF
- JSON Hijacking
- Applet Hacking, ActiveX Exploitation, Flash Exploitation
- Malicious BHO / FF Plugin (Observation Plugin)
- Authorization Bypass, Session Fixation
- XML Attacks / External Entity Attack / XPath Attack
- ASP.NET ViewState & JavaScript Malware Analysis

Current Development
- HTML5 Security Challenges
- SAML/SAML2
- Hardened Browser (Copy & Paste Protection)
- Mutual Authentication Bypass

Step 2: Client Workstation

Hacking-Lab provides a free HL LiveCD ("Standardized client environment for the students in HL").

Virtual Box Appliance or ISO Image (Ubuntu based)

http://media.hacking-lab.com/largefiles/livecd/

LiveCD Desktop (OpenVPN ready)


LiveCD Help with local DokuWiki page


Do you *think* this is enough?

No!!!!! This or something similar is available everywhere online!

What makes the *difference* ?

STEP 3

The *difference* makes the

The *best* way to explain Hacking-Lab is to show Hacking-Lab

1) First: I will show you some basics
2) Second: You can play around

Hacking-Lab Roles

Student
- Choose lab case (theme, subject)
- Solve lab cases
- Submit solution to teacher
- Wait for the ranking

Teacher
- Compile lab case list (event)
- Verify solutions from student
- Give points -> ranking
- Explain solution -> movie

Solution Management Application (Teacher View)


Goodie A: Solution Movie for the Teacher Insert screenshot here


Goodie B: OWASP Theory Modules Insert screenshot here


Hacking-Lab Certification Program


Hacking-Lab Availability Considerations

Is Hacking-Lab an *approved* service?

Hacking-Lab is providing the CarGame Challenges


Hacking-Lab Experience

2007: Swiss Cyber Storm 1
- 100 concurrent users

2009: Swiss Cyber Storm 2
- 150 concurrent users

2011: Swiss Cyber Storm 3 (CarGame, May 12-15, 2011)
- Expecting 250 concurrent users

Since 2010: University FH Giessen (Germany)
- Basic Web Hacking Course
- Advanced Web Hacking Course
- EURO 3000.-- / year (unlimited users)

Wrap-Up

What was the Goal of this Session?

Find out if *YOU* feel like using Hacking-Lab as a free OWASP TOP 10 training platform

Important Details about Hacking-Lab
- Hacking-Lab supports ALL OWASP TOP 10 issues
- Hacking-Lab is a *Service*, not a binary or tarball
- Hacking-Lab offers OWASP the opportunity to set up a free OWASP TOP 10 training program world-wide
- OWASP can benefit from the certification program. OWASP can set up their own rating/ranking/evaluation criteria
- That's it; make your decision!
- Let's talk about yes/no and, if yes, about the details
- THANK YOU MATT FOR BEING THE MEETING MINUTES WRITER AND LINK TO THE BOARD

Now YOU can play with HL

Register for one or both free events below:

OWASP SBS Event ALL (SBS) http://www.hacking-lab.com/sh/8BX0psX

CarGame Challenge (WARGAME) http://www.hacking-lab.com/sh/aBpKnVH

Use the LiveCD to give it a try
- DVDs available here (Ivan)
- Preferred solution: VirtualBox Appliance
- http://media.hacking-lab.com/largefiles/livecd/